Solved

ASP Sessions Being Cleared/Modified

Posted on 2016-08-20
6
50 Views
Last Modified: 2016-08-26
Hi there,

I have a website using classic ASP and it currently uses a lot of session variables to keep track of what is being done on several pages.  At one point, I redirect my website to PayPal to process a payment and then get PayPal to redirect back to my website.  For some reason though, it appears that the session variables get cleared/modified when the redirection to my website occurs.  Is there any reason for this?  I need to ensure these variables stay in place in the browser until the user either logs out of my website or closes the browser.  Any suggestions??

Thank you,
- Christian
0
Comment
Question by:Christian Palacios
  • 3
  • 2
6 Comments
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 41763795
Are you using 'https' for the pages both before and after connecting to Paypal?
0
 

Author Comment

by:Christian Palacios
ID: 41763815
No, my website doesn't use HTTPS.  Is that clearing my sessions?
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 350 total points
ID: 41763838
Switching from 'http' to 'https' can have side effects like that.  Browsers don't carry the session data, only the cookie that identifies the session.  I would look at the cookies before and after the Paypal pages to see if they are changing.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:Christian Palacios
ID: 41763843
Thank you.  I understand you have to enable cookies in your browser first.  Do all browsers have cookies turned off by default?  Do you have a way to check if a browser's cookies are disabled so I can check that?

Thanks!!
0
 
LVL 52

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 150 total points
ID: 41763862
Change your session variables to cookies and that will solve this issue and others.  Sessions in asp are in memory.  If RAM max's out, the worker process crashes and resets sessions.  If you set cookies, your app will be more stable as far as being able to track a person when they leave and come back.

I have an article on using cookies for log in, then tracking those cookies in your database.  This opens up the doors to a lot more possibility.  https://www.experts-exchange.com/articles/18259/User-Log-In-Using-A-Token.html

It should be very easy to move from session http://www.w3schools.com/asp/asp_sessions.asp to cookies http://www.w3schools.com/asp/asp_cookies.asp.   You only need to change session("something") = "abc" to response.cookies("something")="abc" to set and to get change  var1 = session("something") to var1 = request.cookies("something")
0
 

Author Closing Comment

by:Christian Palacios
ID: 41772156
Thank you for your help!  Switching to cookies solved my problem!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Internet is a big network which is formed by connecting multiple small networks.It is a platform for all the users which are connected to it.Internet act as platform in different fields. Such as: Internet  as a collaboration platform. Internet  as…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now